CVE-2009-2798

Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.

Publication date: Fri, 11 Sep 2009 02:30:00 +0000

Cyber News related to CVE-2009-2798

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago

CVE-2009-2798 - Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. ...
6 years ago

CVE-2014-2798 - Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-2789 - Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-2804 - Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-2795 - Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2018-5991 - SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a viewstats request, a different vulnerability than CVE-2015-2798. ...
6 years ago

CVE-2013-2798 - Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. ...
11 years ago

CVE-2015-2798 - SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. ...
7 years ago

CVE-2006-2798 - Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) LoName parameter in (a) week.php and (b) month.php and (2) AddressLink parameter in (c) ...
7 years ago

CVE-2008-2798 - Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via ...
6 years ago

CVE-2005-2798 - sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. ...
6 years ago

CVE-2012-2798 - Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write." ...
6 years ago

CVE-2016-2798 - The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have ...
5 years ago

CVE-2011-2798 - Google Chrome before 13.0.782.107 does not properly restrict access to internal schemes, which allows remote attackers to have an unspecified impact via a crafted web site. ...
4 years ago

CVE-2007-2798 - Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal. ...
4 years ago

CVE-2017-2798 - An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An ...
2 years ago

CVE-2018-2798 - Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable ...
2 years ago

CVE-2022-2798 - The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data ...
2 years ago

CVE-2020-2798 - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high ...
2 years ago

CVE-2019-2798 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols ...
2 years ago

CVE-2010-2798 - The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer ...
1 year ago

Latest Cyber News

CVE-2025-1193 - 19 hours ago
CVE-2024-11621 - 19 hours ago
CVE-2025-1147 - 19 hours ago
CVE-2025-1148 - 19 hours ago
CVE-2024-8684 - 20 hours ago
CVE-2024-8685 - 20 hours ago
CVE-2025-1175 - 20 hours ago
CVE-2025-25247 - 21 hours ago
CVE-2025-1099 - 22 hours ago
CVE-2025-21684 - 1 day ago
CVE-2025-21685 - 1 day ago
CVE-2024-57949 - 1 day ago
CVE-2024-13440 - 2 days ago
CVE-2025-0169 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago
CVE-2023-4927 - 2 days ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-1099 - 22 hours ago
CVE-2025-25247 - 21 hours ago
CVE-2024-8684 - 20 hours ago
CVE-2024-8685 - 20 hours ago
CVE-2025-1175 - 20 hours ago
CVE-2024-11621 - 19 hours ago
CVE-2025-1147 - 19 hours ago
CVE-2025-1148 - 19 hours ago
CVE-2025-1193 - 19 hours ago
CVE-2025-1115 - 2 days ago
CVE-2025-1116 - 2 days ago
CVE-2024-13850 - 2 days ago
CVE-2025-1117 - 2 days ago
CVE-2024-54176 - 2 days ago
CVE-2023-4927 - 2 days ago
CVE-2024-5183 - 2 days ago
CVE-2024-6909 - 2 days ago
CVE-2024-8377 - 2 days ago
CVE-2025-0316 - 2 days ago
CVE-2025-0517 - 2 days ago